Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/hVmt0hiJ0SO8bnDoHsQo-TQtDy8.roa
File: hVmt0hiJ0SO8bnDoHsQo-TQtDy8.roa (raw, json)
Hash identifier: jBkUBfmn8ejEWzmEbRhsI/z1lrJRKeecATcwSgpkG7g=
Subject key identifier: 85:59:AD:D2:18:89:D1:23:BC:6E:70:E8:1E:C4:28:F9:34:2D:0F:2F
Certificate issuer: /CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Certificate serial: 01833B23323FE560276078E04C8462C97B5E
Authority key identifier: 11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/hVmt0hiJ0SO8bnDoHsQo-TQtDy8.roa
Signing time: Wed 14 Sep 2022 08:35:05 +0000
ROA not before: Wed 14 Sep 2022 08:35:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5598
IP address blocks: 176.101.97.144/28 maxlen: 28
176.101.97.128/28 maxlen: 28
176.101.96.0/19 maxlen: 19
176.101.96.96/27 maxlen: 27
176.101.104.0/23 maxlen: 23
176.101.102.0/23 maxlen: 23
176.101.110.0/24 maxlen: 24
176.101.106.0/23 maxlen: 23
176.101.108.0/23 maxlen: 23
176.101.125.0/24 maxlen: 24
176.101.127.0/24 maxlen: 24
176.101.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3b:23:32:3f:e5:60:27:60:78:e0:4c:84:62:c9:7b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Validity
Not Before: Sep 14 08:35:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8559add21889d123bc6e70e81ec428f9342d0f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:bb:27:99:89:e0:81:57:6e:b6:4d:f7:b1:4f:
2d:5c:04:d7:f5:40:97:35:8f:0d:4d:6c:06:0a:c6:
4f:21:51:e0:6a:79:6c:ee:a4:d1:ea:56:22:24:1d:
3c:56:04:47:4d:e0:4f:e5:4a:ec:94:52:8e:aa:8c:
c7:2c:87:5c:57:a8:b7:cb:3c:a2:f8:f2:27:25:e4:
a3:98:dc:64:ca:ff:dc:08:30:17:82:a7:b5:fd:30:
72:39:32:5c:2b:fc:84:ed:e7:f7:ef:81:a0:24:c0:
b2:ff:91:35:5c:37:a6:5e:1f:4b:36:2c:8e:0b:8d:
f7:f6:10:0a:75:58:6d:9f:37:65:d3:a6:ae:62:8d:
ff:ed:97:5c:04:86:2e:96:e5:f3:cf:29:03:f4:a4:
e8:3f:d2:75:f2:ad:f7:af:81:ec:2a:4c:51:c9:bc:
c5:5b:56:40:f6:f4:f5:5a:1e:7e:cf:b0:63:de:0a:
27:e9:40:2d:35:74:87:90:0b:d1:cb:bb:a1:e3:ab:
ec:25:f8:36:d6:da:8f:bc:50:3e:85:da:90:c2:88:
bc:f2:f1:15:f9:ed:f1:6d:6f:dc:aa:11:e4:de:69:
45:51:0e:60:95:55:c6:07:76:fa:13:d0:a3:b7:b6:
23:35:0e:5a:a3:dd:91:b4:e6:35:ac:e3:11:ed:b9:
d6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:59:AD:D2:18:89:D1:23:BC:6E:70:E8:1E:C4:28:F9:34:2D:0F:2F
X509v3 Authority Key Identifier:
keyid:11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/hVmt0hiJ0SO8bnDoHsQo-TQtDy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/EdGfiLDcG4kCVNuUqbYgRta-eUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.96.0/19
Signature Algorithm: sha256WithRSAEncryption
80:62:98:c0:44:57:75:3a:4b:f7:a8:fb:9f:ed:e1:49:90:12:
62:b2:d4:91:9e:e8:43:fc:84:ae:d3:2e:40:f1:f6:24:3f:1a:
35:4d:96:d6:bc:86:69:6d:2e:88:eb:ec:17:c3:28:81:04:06:
15:09:d7:11:4f:74:55:7a:85:01:16:3b:58:c0:f1:71:ea:0c:
f9:d9:bb:c9:59:fb:a8:b5:72:95:4d:4b:f0:ff:ac:bc:05:35:
4b:cf:87:75:a0:a6:9b:55:de:4f:ef:06:1a:78:84:26:99:a6:
0c:fb:47:da:49:0b:d5:09:30:6e:5a:5a:95:6c:65:ff:00:17:
5c:2b:d2:42:af:ee:d5:25:3d:68:17:86:69:d6:2d:0b:ab:e7:
0e:57:39:a1:04:7b:7d:56:4c:73:15:5b:27:50:ba:59:0c:f4:
e3:05:fc:24:dd:30:ed:03:91:ec:6f:47:fc:e0:f3:ab:04:51:
0c:59:1c:aa:ab:e2:82:bb:42:56:7a:c6:19:7b:0a:a3:af:46:
14:e4:c4:ef:a6:26:37:61:71:30:29:4c:ee:e1:53:4c:4d:0a:
e0:8d:ae:94:f2:1d:57:39:38:89:fc:d1:28:ad:c4:82:d4:e1:
57:0e:75:7f:83:4f:ae:b5:74:c5:94:e9:b1:33:0c:e5:4e:d9:
a0:da:f8:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM7IzI/5WAnYHjgTIRiyXteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZDE5Zjg4YjBkYzFiODkwMjU0ZGI5NGE5YjYyMDQ2ZDZi
ZTc5NGIwHhcNMjIwOTE0MDgzNTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU5YWRkMjE4ODlkMTIzYmM2ZTcwZTgxZWM0MjhmOTM0MmQwZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrsnmYnggVdutk33sU8tXATX9UCX
NY8NTWwGCsZPIVHganls7qTR6lYiJB08VgRHTeBP5UrslFKOqozHLIdcV6i3yzyi
+PInJeSjmNxkyv/cCDAXgqe1/TByOTJcK/yE7ef374GgJMCy/5E1XDemXh9LNiyO
C4339hAKdVhtnzdl06auYo3/7ZdcBIYuluXzzykD9KToP9J18q33r4HsKkxRybzF
W1ZA9vT1Wh5+z7Bj3gon6UAtNXSHkAvRy7uh46vsJfg21tqPvFA+hdqQwoi88vEV
+e3xbW/cqhHk3mlFUQ5glVXGB3b6E9Cjt7YjNQ5ao92RtOY1rOMR7bnWAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVZrdIYidEjvG5w6B7EKPk0LQ8vMB8GA1UdIwQY
MBaAFBHRn4iw3BuJAlTblKm2IEbWvnlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQt
NDhiNDk1NWYwNjAwLzEvaFZtdDBoaUowU084Ym5Eb0hzUW8tVFF0RHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQtNDhiNDk1NWYwNjAw
LzEvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGVgMA0G
CSqGSIb3DQEBCwUAA4IBAQCAYpjARFd1Okv3qPuf7eFJkBJistSRnuhD/ISu0y5A
8fYkPxo1TZbWvIZpbS6I6+wXwyiBBAYVCdcRT3RVeoUBFjtYwPFx6gz52bvJWfuo
tXKVTUvw/6y8BTVLz4d1oKabVd5P7wYaeIQmmaYM+0faSQvVCTBuWlqVbGX/ABdc
K9JCr+7VJT1oF4Zp1i0Lq+cOVzmhBHt9VkxzFVsnULpZDPTjBfwk3TDtA5Hsb0f8
4POrBFEMWRyqq+KCu0JWesYZewqjr0YU5MTvpiY3YXEwKUzu4VNMTQrgja6U8h1X
OTiJ/NEorcSC1OFXDnV/g0+utXTFlOmxMwzlTtmg2viZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:30 2025 by rpki-client